package com.vastcom.jwt;

import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class JwtAuthenticationFilter extends OncePerRequestFilter {
    private static final PathMatcher pathMatcher=new AntPathMatcher();

    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {

        try {
            if(isProtectedUrl(httpServletRequest)){
                httpServletRequest=JwtUtil.validateTokenAndAddUserIdToHeader(httpServletRequest);
            }
        } catch (Exception e) {
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED,e.getMessage());
            return;
        }
        filterChain.doFilter(httpServletRequest,httpServletResponse);
    }


    private boolean isProtectedUrl(HttpServletRequest request){
        return pathMatcher.match("/api/**",request.getServletPath());
    }
}
